git-pr-workflows-git-workflow

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious instructions, hidden code, or dangerous command executions were detected. The skill is designed to manage development workflows using specialized subagents.
  • [PROMPT_INJECTION]: The skill processes external data (uncommitted code changes, test results) which represents an indirect prompt injection surface. This is a characteristic of the skill's primary function as an automated code review tool. Mandatory Evidence Chain:
      1) Ingestion points: Phase 1 (uncommitted changes), Phase 2 (test results).
      2) Boundary markers: Absent in prompt templates.
      3) Capability inventory: Subagents like 'deployment-engineer' and 'test-automator' likely possess shell or git access.
      4) Sanitization: No explicit sanitization or escaping of ingested code content is shown in the orchestration logic.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 14, 2026, 06:45 PM